
package com.xzd.shiro;

import java.lang.reflect.InvocationTargetException;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;

import org.apache.commons.beanutils.BeanUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.DisabledAccountException;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;

import com.xzd.mapper.ResourceMapper;
import com.xzd.mapper.RoleMapper;
import com.xzd.mapper.UserMapper;
import com.xzd.model.Resource;
import com.xzd.model.Role;
import com.xzd.model.User;
import com.xzd.utils.Constants;
import com.xzd.utils.ParamValidator;
import com.xzd.vo.ResourceVo;

import lombok.extern.slf4j.Slf4j;

@Slf4j
public class StaticRealm extends AuthorizingRealm {
	
	@Autowired
	UserMapper userMapper;
	
	@Autowired
	RoleMapper roleMapper;
	
	@Autowired
	ResourceMapper resourceMapper;
	
	/**
	 * 用来判断授权的
	 */
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(
			PrincipalCollection principals) {
		User user = (User) principals.getPrimaryPrincipal();
		System.out.println(user.getId());
		
		User token = (User)SecurityUtils.getSubject().getPrincipal();
		
		List<Role> roles = roleMapper.selectRolesByUserId(token.getId());
		System.out.println(roles);
		SimpleAuthorizationInfo info =  new SimpleAuthorizationInfo();
		
		Long userId = token.getId();
		
		//查询一级菜单
//		List<ResourceVo> resVoList = new ArrayList<ResourceVo>();
		
//		try {
//			List<Resource> resList = resourceMapper.selectResourceByCondition(userId, Constants.MENU_TYPE_ONE,0L);
//			if(ParamValidator.validatorParamsNotEmpty(resList)){
//				for(Resource res : resList){
//					ResourceVo resourceVo = new ResourceVo();
//					BeanUtils.copyProperties(resourceVo, res); 
//					
//					List<Resource>  subResourceList = resourceMapper.selectResourceByCondition(userId, Constants.MENU_TYPE_ONE, res.getId());
////				System.out.println(subResourceList);
//					
//					if(ParamValidator.validatorParamsNotEmpty(subResourceList)){
//						List<ResourceVo> subVolist = new ArrayList<ResourceVo>();
//						for(Resource resourceItem : subResourceList){
//							ResourceVo resourceVoItem = new ResourceVo();
//							BeanUtils.copyProperties(resourceVoItem, resourceItem); 
//							subVolist.add(resourceVoItem);
//						}
//						
//						resourceVo.setSubResourceList(subVolist);
//					}
//					
//					resVoList.add(resourceVo);
//				}
//			}
//		}  catch (Exception e) {
//			e.printStackTrace();
//		}
		
		
		List<ResourceVo> resVoList = resourceMapper.selectResourceByCondition2(userId);
		System.out.println(resVoList);
		System.out.println(token.getId());
		log.info("中午的哦");
		//System.out.println("dddddd");
		info.addStringPermission("/aa/dd");
		List<User> userList = userMapper.selectUsersByCondition();
		System.out.println(userList);
		
		return info;
	}

	/**
	 * 用来判断认证的
	 */
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(
			AuthenticationToken token) throws AuthenticationException {
		log.info("登录验证.....");
		System.out.println(Thread.currentThread());
		String username = token.getPrincipal().toString();
		User user = null;
		try {
			user = userMapper.login(username);
		} catch (Exception e) {
			e.printStackTrace();
		}
		
		Resource resource = new Resource();
		resource.setId(226L);
		resource.setCreatedate(new Date());
		
		resourceMapper.updateByPrimaryKeySelective(resource);
		
		
		if(null == user){
			throw new UnknownAccountException("帐号不正确！");
		/**
		 * 如果用户的status为禁用。那么就抛出<code>DisabledAccountException</code>
		 */
		}else if(User._0.equals(user.getStatus())){
			throw new DisabledAccountException("帐号已经禁止登录！");
		}else{
			//更新登录时间 last login time
			user.setLastLoginTime(new Date());
//			userService.updateByPrimaryKeySelective(user);
		}
		
		return new SimpleAuthenticationInfo(user,user.getPassword(), getName());
	}

}
